[cvsnt] Fw: Users unable to add or commit - UPDATE

pdfeeny at aep.com pdfeeny at aep.com
Wed Oct 15 13:20:31 BST 2008


Hi all,

I found the problem with the issue of users not being able to commit. 

It turns out that if the CVSNT group file is committed a certain way, the 
file acquires permissions of -r-------- or 400.  So if I, as a CVSNT 
admin, telnet to the Linux server, check out CVSROOT, modify group, then 
commit, the group file would be read-only for owner.  I have not yet 
determined how the permissions got whacked out, but changing the 
permissions on the file in the repository fixes the problem.




Paul D. Feeny, MCP, MCSA
IT System Administrator II - SCM
IT Production Management
Audinet: 200.2249
Phone: 614.716.2249




pdfeeny at aep.com 
Sent by: cvsnt-bounces at cvsnt.org
10/07/2008 08:25 PM

To
cvsnt at cvsnt.org
cc

Subject
[cvsnt] Fw: Users unable to add or commit






Hi All,

We are experiencing an issue where users are unable to commit or add to 
the repository.  checkouts and updates seem to be unaffected.

We are running 2.5.03 (Scorpio) Build 2382 on RHLinux 2.6.9-42.ELsmp. 
Users authenticate to active directory through samba and winbind.  A 
typical CVSROOT is :sspi:cafp1:/usr/local/cvs/caf

Clients are Windows XP SP2

The services have been cycled. 

The server has been  rebooted.

The server administrator has verified that user authentication is 
occurring between the Linux server and Active Directory.

Users will typically receive an error like this:

cvs server: Edit on file 'AEDBGRID.PAS' refused by server
cvs edit: invalid data from cvs server

or this:

cvs server: User 's210554' cannot create 
/usr/local/cvs/caf/suites/AEP.COG.FUEL.FELPM/database/Anonymous on 
tag/branch bd-FELPM-3-1-1
cvs [server aborted]: Prohibited from access by your personal cvsnt access 

level. You require heightened access to perform this action.

I had one user run a trace (since I as an administrator do not get the 
error).  This is the output from the trace:

15:20:54:   -> Tracelevel set to 3.  PID is 3436
15:20:54:   -> Session ID is d6c48ebb69665a5
15:20:54:   -> Session time is Tue Oct  7 19:20:54 2008
15:20:54:   -> Loading protocol sspi as sspi.dll
15:20:54:   -> CLibraryAccess::Load loading 
C:\PROGRA~1\CVSNT/protocols/sspi.dll
15:20:54:   -> main loop with CVSROOT=:sspi:cafp1:/usr/local/cvs/caf
15:20:54:   -> Server codepage is UTF-8
15:20:54:   -> Client codepage is CP1252
15:20:54:   -> Server->Client codepage translation is active
15:20:54:   -> Server version is CVSNT 2.5.03 (Scorpio) Build 2382
15:20:54:   -> Client version is CVSNT 2.5.03 (Scorpio) Build 2382
15:20:54:   -> Requesting server cvsignore
15:20:54:   -> Requesting server cvswrappers
15:20:54:   -> Requesting server cvsrc (read-cvsrc2)
15:20:54:   -> Parsing global cvsrc started
15:20:54:   -> Parsing global cvsrc finished
15:20:54:   -> Name_Repository((null),)
15:20:54:   -> open_directory(/usr/local/cvs/caf/suites/PAT,(null),(null))
15:20:54:   -> Name_Repository((null),)
15:20:54:   -> Repository = /usr/local/cvs/caf/suites/PAT
15:20:54:   -> Mapped repository = /usr/local/cvs/caf/suites/PAT
15:20:54:   -> wnt_stat(a.txt)
15:20:54:   -> _statcore(00000000,a.txt)
15:20:54:   -> Trying GetFileAttributesEx....
15:20:54:   -> File attributes = 00000020
15:20:54:   ->  - read/write file
15:20:54:   -> GetUnixFileModeNtEA(a,00000654) returns 0000
15:20:54:   -> close_directory()
15:20:54: S -> server_main started
15:20:54: S -> run precommand proc server
15:20:54: S -> run_trigger()
15:20:54: S -> LoadTrigger(info.la)
15:20:54: S -> LoadTrigger(email.la)
15:20:54: S -> Email trigger not enabled.
15:20:54: S -> Couldn't load trigger email.la
15:20:54: S -> LoadTrigger(checkout.la)
15:20:54: S -> Checkout trigger not enabled.
15:20:54: S -> Couldn't load trigger checkout.la
15:20:54: S -> LoadTrigger(audit.la)
15:20:54: S -> Not loading disabled trigger audit.la.
15:20:54: S -> Couldn't load trigger audit.la
15:20:54: S -> Call pre-loaded 'info.la'
15:20:54: S -> precommand_proc()
15:20:54: S -> default_trigger: parse_info(CVSROOT/precommand,%r 
%c,%<a,<null>)
15:20:54: S -> Name_Repository((null),)
15:20:54: S -> open_directory(/usr/local/cvs/caf/suites/PAT,(null),(null))
15:20:54: S -> RCS_parse(.directory_history,/usr/local/cvs/caf/suites/PAT)
15:20:54: S -> 
rcsbuf_open(/usr/local/cvs/caf/suites/PAT/.directory_history,v)
15:20:54: S -> rcsbuf_open failed
15:20:54: S -> 
rcsbuf_open(/usr/local/cvs/caf/suites/PAT/Attic/.directory_history,v)
15:20:54: S -> rcsbuf_open failed
15:20:54: S -> No mapping file in this directory.
15:20:54: S -> map_filename(/usr/local/cvs/caf/suites/PAT,a.txt)
15:20:54: S -> map_repository(/usr/local/cvs/caf/suites/PAT/a.txt)
15:20:54: S -> Loading modules2 from /usr/local/cvs/caf/CVSROOT/modules2
15:20:54: S -> lookup_module2(suites/PAT/a.txt,1)
15:20:54: S -> map_repository(/usr/local/cvs/caf/suites/PAT)
15:20:54: S -> lookup_module2(suites/PAT,2)
15:20:54: S -> RCS_parse(a.txt,/usr/local/cvs/caf/suites/PAT)
15:20:54: S -> rcsbuf_open(/usr/local/cvs/caf/suites/PAT/a.txt,v)
15:20:54: S -> rcsbuf_open failed
15:20:54: S -> rcsbuf_open(/usr/local/cvs/caf/suites/PAT/Attic/a.txt,v)
15:20:54: S -> rcsbuf_open failed
15:20:54: S -> 
verify_perm(/usr/local/cvs/caf/suites/PAT,a.txt,create,(null),(null))
15:20:54: S -> verify_owner(/usr/local/cvs/caf/suites/PAT)
15:20:54: S -> Checking admin file /usr/local/cvs/caf/CVSROOT/admin for 
user s205397
15:20:54: S -> add_valid_group(cafdev)
15:20:54: S -> cache_directory_permissions(/usr/local/cvs/caf/suites/PAT)
15:20:54: S -> fileattr_read(/usr/local/cvs/caf/suites/PAT)
15:20:54: S -> fileattr_read(/usr/local/cvs/caf/suites)
15:20:54: S -> fileattr_read(/usr/local/cvs/caf)
15:20:54: S -> verify_valid_name(s211599)
15:20:54: S -> cache_directory_permissions(/usr/local/cvs/caf/suites/PAT)
15:20:54: S -> ACL lookup on directory /usr/local/cvs/caf/suites/PAT
15:20:54: S -> verify_acl(create,HEAD,(null))
15:20:54: S -> verify_valid_name(PAT_dev)
15:20:54: S -> verify_valid_name(PAT_lead)
15:20:54: S -> matched ACL user=, branch=_default_, merge=
15:20:54: S -> calculated ACL priority is 0
15:20:54: S -> user_state = 0, group_state = 0
15:20:54: S -> no match at this level
15:20:54: S -> ACL lookup on directory /usr/local/cvs/caf/suites
15:20:54: S -> verify_acl(create,HEAD,(null))
15:20:54: S -> verify_valid_name(DWMS_dev)
15:20:54: S -> verify_valid_name(cvsadm)
15:20:54: S -> verify_valid_name(cvsadmin)
15:20:54: S -> matched ACL user=, branch=_default_, merge=
15:20:54: S -> calculated ACL priority is 0
15:20:54: S -> new max priority is 0
15:20:54: S -> user_state = 0, group_state = -1
cvs server: User 's205397' cannot create /usr/local/cvs/caf/suites/PAT
cvs [server aborted]: Prohibited from access by your personal cvsnt access 

level. You require heightened access to perform this action.

Currently no users can commit or add to the repository.  I have searched 
the archives and the net for similar issues and found none. 

Has anyone encountered anything like this before?  What did you do to fix 
the issue?  What did you do to prevent the issue recurring in the future?


Any assistance or advice would be greatly appreciated.  Thanks in advance.



Paul D. Feeny, MCP, MCSA
IT System Administrator II - SCM
IT Production Management
Audinet: 200.2249
Phone: 614.716.2249

_______________________________________________
cvsnt mailing list
cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt




More information about the cvsnt mailing list